The Housing Authority of the County of San Bernardino in California recently disclosed a data breach affecting nearly 19,000 individuals. The breach occurred in June when hackers gained unauthorized access to an employee email account, resulting in the compromise of names and Social Security numbers. The housing authority promptly responded by resetting passwords and initiating a thorough investigation with a third-party forensic team. While the review confirmed that only a limited amount of information was accessed, the affected individuals will be offered one year of free credit monitoring services. The incident has been reported to regulators in Maine and California.
The Housing Authority of the County of San Bernardino (HACSB), with over 80 years of operation, serves about 26,000 people, primarily seniors, individuals with disabilities, veterans, and children. The organization provides rental assistance to low-income families through housing units it owns and manages or by subsidizing housing assistance for landlords. This breach is part of a growing trend of cyberattacks on housing authorities, with incidents reported across the U.S., including a ransomware attack on North Carolina’s Raleigh Housing Authority in August 2023 and the Housing Authority of the City of Los Angeles (HACLA) being targeted by the LockBit ransomware group in January.
The San Bernardino County’s sheriff’s department also faced a ransomware attack last year, emphasizing the cybersecurity challenges organizations, including housing authorities, encounter. The disclosure of this data breach underscores the need for robust cybersecurity measures and swift responses to mitigate the impact of such incidents. The affected individuals will likely scrutinize the housing authority’s actions to secure their data and address vulnerabilities in the aftermath of the breach, highlighting the broader concerns around data security in public organizations managing sensitive personal information.